Tuesday, August 28, 2018

Snort Rule Update for Aug. 28, 2018

In this release, we introduced 31 new rules, two of which are Shared Object rules. There were no rule modifications in this release.

The new rules provide additional coverage for several critical vulnerabilities in Adobe Reader that could allow an attacker to execute arbitrary code on a victim machine. There is also protection against the recently discovered Marap malware, which has been spotted in the wild targeting financial institutions.

There were no changes made to the snort.conf in this release.

Talos would like to thank the following individuals for their contributions; their rules are included in the Community Ruleset:

PT Security — 47567 and 47427

Yaser — 47639, 47640 and 47650

Talos's rule release:

New SO rules: 2

New Rules: 29

To subscribe to Talos's newest rule detection functionality, you can sign up for as low as $29 U.S. a year for personal users; be sure to see our business pricing as well here. Make sure to stay up to date to catch the most emerging threats.